
@odedlaz
Last active March 26, 2021 23:50
vssh
#!/usr/bin/env fish
# add the following line to ~/.config/fish/completions in order to add hostname completion to the script
# complete -x -c vssh -d "Remote" -a "(__fish_complete_user_at_hosts)"
function get_gateway --argument-names addr --description "Print the gateway of the route currently used for addr"
    # Ask the routing table how $addr is reached and keep only the second
    # field of the line(s) mentioning "gateway". Prints nothing when route
    # reports no gateway for the destination.
    route -n get -net $addr \
        | awk '/gateway/ { print $2 }'
end
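function get_global_protect_interface_ipaddr_from_config
    # Parse the GlobalProtect settings plist, extract the preferred interface
    # IPs, then print each one that is currently assigned to a local interface.
    set -l plist /Library/Preferences/com.paloaltonetworks.GlobalProtect.settings.plist
    set -l preferred_ips (/usr/libexec/PlistBuddy -c "print 'Palo Alto Networks':GlobalProtect:PanGPS" $plist | \
        awk -F'=' '/PreferredIP_/ { print $2 }' | \
        tr -d '[:blank:]')

    for ip in $preferred_ips
        # Skip blank entries (a PreferredIP_ key with an empty value).
        test -n "$ip"; or continue
        # The plist value is handed to awk as data (-v) and compared exactly.
        # Splicing it into a `fish -c` command string and an awk regex would
        # let a crafted value run as code, and would let "10.0.0.1" also
        # match "10.0.0.12" or treat the dots as wildcards.
        ifconfig -a | awk -v ip=$ip '$1 == "inet" && $2 == ip { print $2 }'
    end
end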
function get_global_protect_interface_ipaddr_from_install_script --description "Print the interface address found in GlobalProtect's itf-install.sh"
    set -l install_script /Library/Logs/PaloAltoNetworks/GlobalProtect/network/config/itf-install.sh
    # Prints the third field of every line that invokes /sbin/ifconfig with an
    # interface name followed by a numeric argument. Read through sudo; the
    # caller announces that root privileges are needed for this fallback.
    # NOTE(review): the value printed here is later used as the gateway of a
    # `sudo route add`; confirm this file is writable by root only.
    sudo awk '/\/sbin\/ifconfig [^ ]+ [0-9]/ { print $3 }' $install_script
end
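function add_static_route --argument addr --argument gateway
    # Add a static route sending traffic for $addr through $gateway.
    # Returns 1 without touching the routing table when either value is
    # missing, so `sudo route` is never run with an incomplete operand list;
    # otherwise returns the status of `route`.
    if test -z "$addr"; or test -z "$gateway"
        echo "add_static_route: need both a destination and a gateway" >&2
        return 1
    end
    echo "adding a static route from $addr to $gateway"
    sudo route -n add -net $addr $gateway > /dev/null
end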
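function delete_static_route --argument addr
    # Remove the static route for $addr.
    # Returns 1 without calling `sudo route` when no destination is given;
    # otherwise returns the status of `route`.
    if test -z "$addr"
        echo "delete_static_route: need a destination" >&2
        return 1
    end
    echo "deleting static route for $addr"
    sudo route -n delete -net $addr > /dev/null
end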
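# get the hostname that ssh is going to use (after ssh_config is applied)
set remote (ssh -G $argv 2>/dev/null | awk '/^hostname/ { print $2 }')
if test -z "$remote"
    # ssh -G produced no hostname (missing or invalid arguments): leave the
    # routing table alone and let ssh report the problem itself.
    ssh $argv
    exit $status
end

# get the ip address of the vpn device
set gateway (get_global_protect_interface_ipaddr_from_config)
if test -z "$gateway"
    echo "need root privileges in order to find the vpn gateway"
    set gateway (get_global_protect_interface_ipaddr_from_install_script)
end

# An empty gateway would make the grep below match every line of the
# ifconfig output, and the script would go on to run `sudo route` without
# a gateway operand.
if test -z "$gateway"
    echo "couldn't determine the vpn gateway address"
    echo "maybe the vpn client is not connected?"
    exit 1
end

# -F: treat the address as a literal string, not a regular expression.
if ! ifconfig -a | grep -F -- "$gateway" &>/dev/null
    echo "couldn't find any interface bound to $gateway"
    echo "maybe the vpn client is not connected?"
    exit 1
end

# Quote the current gateway so that an empty or multi-line answer from
# get_gateway still yields a valid comparison instead of a `test` error
# that silently skips the route update.
set current_gateway (get_gateway $remote)
if test "$current_gateway" != "$gateway"
    echo "need root privileges in order to add a static route"
    delete_static_route $remote || exit 1
    add_static_route $remote $gateway || exit 1
end

# The static route is not removed when ssh exits; traffic for $remote keeps
# going through the vpn interface until the route is deleted.
ssh $argv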
@gregalia

My use case was a little different but this was very helpful. Thanks Oded!
